Critical Success Factors for AI Cybersecurity Implementation in A South African State-Owned Entity: A Socio-Technical Approach

Abstract

The integration of artificial intelligence (AI) into cybersecurity is crucial for mitigating increasingly sophisticated cyber threats. However, existing research often focuses exclusively on either technical or social factors, leading to an imbalance in AI cybersecurity implementation priorities. This study addresses this gap by exploring the critical success factors (CSFs) for AI cybersecurity implementation in a South African state-owned entity (SOE) by applying a socio-technical lens. Using an interpretive case study approach, this research employed in-depth interviews with technical experts and end-users in the SOE. Thematic analysis was used to identify the key critical success factors. The findings reveal that successful AI cybersecurity implementation depends on technological advancements and their alignment with human, environmental, and organisational factors. The key technical CSFs identified include data quality, efficiency, scalability, and automation, while the social CSFs encompass change acceptance, top management support, cybersecurity awareness, human oversight, ethical considerations, and usability. A socio-technical perspective provides practitioners with a more balanced understanding of AI cybersecurity implementation, ensuring that security solutions are not only technically sound but also socially acceptable and effectively integrated within organisational structures. Based on these findings, the study develops a framework to guide policymakers, IT security professionals, and AI developers in implementing AI-driven cybersecurity solutions effectively. This research advances the application of socio-technical theory in organisational cybersecurity by illustrating how the interplay between technological and social factors can influence the successful implementation of AI-driven security solutions. Future research should examine how human oversight can be effectively integrated with AI in cybersecurity to enhance reliability, ethical compliance, and user trust in AI-enabled security solutions.